Symfony 2: How do I check if a user is not logged in inside a template?
Solution 1
You can check if app.user is set.
{% if app.user %}
# user is logged in
{% else %}
# user is not logged in
{% endif %}
Solution 2
Although the current answer answers the OP's question, I would like to add more details.
I understand the OP did not want to check roles, but I am including them so other SO users can copy and paste from this in the future. - everytime I google this, I end up here!
Symfony Doc Sources:
- http://symfony.com/doc/current/book/security.html
- http://symfony.com/doc/current/cookbook/security/remember_me.html
Check if any user logged in (regardless of role)
As answered, you can use app.user
to check if any user is logged in.
{% if app.user %}
# user is logged in (any and all users, regardless of ROLE_*)
{% elseif not app.user %}
# user is not logged in (note the `not` in the `elseif` statement)
{% endif %}
Checking authentication status
You can use the is_granted()
method to check for ROLES
, (The below are all roles assigned by symfony, You may also have you own roles (more below))
{% if is_granted('IS_AUTHENTICATED_FULLY') %}
# This user entered their credentials THIS session
{% elseif is_granted('IS_AUTHENTICATED_REMEMBERED') %}
# User logged in via a cookie (ie: Auth again before doing sensitive things)
{% elseif is_granted('IS_AUTHENTICATED_ANONYMOUSLY') %}
# This is a `guest` or anonymous user
{% endif %}
from the docs:
IS_AUTHENTICATED_ANONYMOUSLY - automatically assigned to a user who is in a firewall protected part of the site but who has not actually logged in. This is only possible if anonymous access has been allowed.
IS_AUTHENTICATED_REMEMBERED - automatically assigned to a user who was authenticated via a remember me cookie.
IS_AUTHENTICATED_FULLY - automatically assigned to a user that has provided their login details during the current session.
Checking Roles
You can also use is_granted()
to check for roles.
Assuming we have 3 roles (ROLE_SUPER_ADMIN
, ROLE_ADMIN
, & ROLE_USER
)
{% if is_granted('ROLE_SUPER_ADMIN') -%}
# You're `ROLE_SUPER_ADMIN`
{% elseif is_granted('ROLE_ADMIN') -%}
# You're `ROLE_ADMIN`
{% elseif is_granted('ROLE_USER') -%}
# You're `ROLE_USER`
{% else %}
# You're a `nobody` ;P
{%- endif %}
Doing the above inside a controller
View the following answer: How to check if an user is logged in Symfony2 inside a controller?
Related videos on Youtube
Tool
Updated on June 11, 2020Comments
-
Tool almost 4 years
In Symfony 2 templates (using Twig), how can I effectively check whether a user is not logged in?
I don't want to use
ROLE
checks. I want a straightforward way to check if a user is not logged in.I'm aware that comparing
app.user.username
withanon
works, but that just doesn't feel right to me. -
Mac_Cain13 over 11 yearsNote that if you want to check if the user is NOT logged in you can use:
{% if not app.user %}
-
Ronan over 10 yearsUse
{% if is_granted('IS_AUTHENTICATED_FULLY') %}
instead. See Symfony2 doc : symfony.com/doc/current/book/…. Also available for Silex : silex.sensiolabs.org/doc/providers/… -
RayOnAir about 10 years@Ronan
{% if is_granted('IS_AUTHENTICATED_FULLY') %}
will only return true if the user has authenticated in the current session. It will return false if the user authenticated via a remember me cookie. Using{% if app.user %}
is correct, if one wants to return true regardless of when the user authenticated. -
Harold almost 10 years@Ronan, that doesn't work as it results in the following error: No Authentication Provider found for token of class "Symfony\Component\Security\Core\Authentication\Token\PreAuthenticatedToken".
-
V-Light over 9 yearsI'm just curious... what
-%}
and{%-
stands for ? why not%}
and{%
? -
Anil over 9 yearsThe
-
removes all trailing whitespace so that it's more readable in the browser source source. More info here: twig.sensiolabs.org/doc/templates.html#whitespace-control -
Sebastian G. Marinescu over 8 years
{% if app.security.token is null or app.security.token.user == 'anon.' %}
that's how I got it working for me -
pzaj about 7 yearsForgive me for bringing this old question to live again, but I think I read somewhere that app.user will not be null for anonymous users, isn't that correct? Wouldn't that mean that check for app.user is not sufficient?
-
pzaj about 7 years@Anil symfony.com/doc/2.8/templating/app_variable.html second parameter described is
app.user
, going like thatThe value stored in this variable can be a UserInterface object, any other object which implements a __toString() method or even a regular string.
. I don't remember where I read that app.user returns "anon." string unfortunately and under what circumstances. -
Anil about 7 years@user1970395 The first line in the docs read
The representation of the current user or null if there is none.
, so it will be null. A third party bundle could return a string if it's customUserInterface
implementation has a__toString()
method which is called when anonymous.